It is impossible for me to pass safetynet CTS profile - Xiaomi Redmi 3s Questions & Answers

I have reflashed my phone about 3 times and the last resulting in a fresh start without carrying over any data. My original rooting method was system mode which left me unable to accept OTA updates and was unstable. I am now using systemless magisksu and systemless Xposed with a untouched system partition. And at first I was able to play games like fire emblem heroes and pokemon go without trouble, then after a while I noticed that the same issues were happening again. Fire emblem gives a error code dispite me having hide magisk and automagisk enables for it, same for pokemon go. No matter what I do or how many times I reinstall I always get the errors.
I have read that you cannot hide root if you have a unlocked bootloader which I do. I have a stock ROM but a unlocked bootloader because I have a developer global installed. Do I need to modify my boot.img to not have the flag?

With original developer I think that you can relock the bootloader.... But you have to flash the original recovery too... I think I tried and it stuck so you might consider flashing via fastboot the original developer. I am not sure what happens to root
To lock bootloader you have to go to fastboot mode and type fastboot oem lock

jimger said:
With original developer I think that you can relock the bootloader.... But you have to flash the original recovery too... I think I tried and it stuck so you might consider flashing via fastboot the original developer. I am not sure what happens to root
To lock bootloader you have to go to fastboot mode and type fastboot oem lock
Click to expand...
Click to collapse
1. i have heard that relocking bootloader is actually more dangerous then unlocking and i have permabricked a 3s before and
2. no way will i unhack and relock just so that i can use some apps that to ignorant to leave rooted people alone. i will have to find away to make a custom kernal that removed the saftynet flag. someone was talking about that for another phone.

I don't think it is easy to brick redmi 3s.... Have you tried getting it into edl?
For me even when I had it with black screen I could "do" stuff to it. You can relock it if you use miflash and put developer and/or stable from en.miui.com. It will replace both your system and your recovery but also delete your media to your internal "sd".
I use an xposed module that responds well to safetynet but actually it doesn't really pass. Android pay can't be activated (to me) and I am not sure about pokemon or whatever because I don't use it. But safety net passes. I use an app from play store safetynet helper which in latest version included a basic integrity check. Well my device responds ok to cts profile but fails to basic integrity. Not sure why exactly but even thought I have magisk+ supersu in systemless mode I have touched the /system partition perhaps with adaway or I don't know for sure. I don't know how undroid checks for tampered system partition. I have miui-globe rom which is not official

jimger said:
I don't think it is easy to brick redmi 3s.... Have you tried getting it into edl?
For me even when I had it with black screen I could "do" stuff to it. You can relock it if you use miflash and put developer and/or stable from en.miui.com. It will replace both your system and your recovery but also delete your media to your internal "sd".
I use an xposed module that responds well to safetynet but actually it doesn't really pass. Android pay can't be activated (to me) and I am not sure about pokemon or whatever because I don't use it. But safety net passes. I use an app from play store safetynet helper which in latest version included a basic integrity check. Well my device responds ok to cts profile but fails to basic integrity. Not sure why exactly but even thought I have magisk+ supersu in systemless mode I have touched the /system partition perhaps with adaway or I don't know for sure. I don't know how undroid checks for tampered system partition. I have miui-globe rom which is not official
Click to expand...
Click to collapse
trust me i have tried everything to unbrick that phone it is IMPOSSIBLE no one can fix it, it just sits as spare parts in my storage now as i brought another one
https://forum.xda-developers.com/xiaomi-redmi-3s/help/bricked-redmi-3s-identify-test-force-t3438220
http://en.miui.com/thread-326730-1-1.html
http://en.miui.com/thread-373634-1-1.html
and even when my phone isn't rooted like after a fresh miflash after like 20 minutes the test fails but for that little time before then everything is ok.

Which test?
I saw that you ordered the deep flash cable and still not ok?
Have you tried the modified reboot to edl?
Also have you got x64 windows with test mode enabled?
https://forum.xda-developers.com/redmi-note-3/how-to/guide-reboot-to-edl-mode-fastboot-test-t3398718

jimger said:
Which test?
I saw that you ordered the deep flash cable and still not ok?
Have you tried the modified reboot to edl?
Also have you got x64 windows with test mode enabled?
https://forum.xda-developers.com/redmi-note-3/how-to/guide-reboot-to-edl-mode-fastboot-test-t3398718
Click to expand...
Click to collapse
yes and yes the cable did not do anything
trust me i have tried everything anyone can ever imagine.

xdarkmario said:
yes and yes the cable did not do anything
trust me i have tried everything anyone can ever imagine.
Click to expand...
Click to collapse
Well don't know Then you are one of the very few... I can't tell anything else

If you reflash in fastboot it will be relocked. And there is no problem at all....

I am still having issues with this, i dont have the knowledge for compiling a kernel from source. no matter what i try i just cant bypass this stupid saftynet. if i flash the phone from scratch it will allow me to use saftynet protected app for a little bit but on reboot or something i cant use use it again.

As far as I know, developer ROMs don't pass SafetyNet, only the stable ROMs. And only with locked bootloader and without any modifications (root, xposed, magisk, etc.). For locking bootloader I recommend you to flash a fastboot ROM in fastboot mode and in MiFlash choose flash all and lock option, this way you will not brick your phone. But if it's not working and as I see you can unlock your bootloader, I recommend you xiaomi.eu ROMs. If all is true, the next release (both of beta and stable) will bypass SafetyNet (of course without modifications, but with this ROM don't lock your bootloader). But since it's based on china ROMs, beta releases are suspended until august. From the stable ROMs MIUI 8.2 doesn't pass SafetyNet yet, so you have to wait to MIUI 8.5.

22Dávid22 said:
As far as I know, developer ROMs don't pass SafetyNet, only the stable ROMs. And only with locked bootloader and without any modifications (root, xposed, magisk, etc.). For locking bootloader I recommend you to flash a fastboot ROM in fastboot mode and in MiFlash choose flash all and lock option, this way you will not brick your phone. But if it's not working and as I see you can unlock your bootloader, I recommend you xiaomi.eu ROMs. If all is true, the next release (both of beta and stable) will bypass SafetyNet (of course without modifications, but with this ROM don't lock your bootloader). But since it's based on china ROMs, beta releases are suspended until august. From the stable ROMs MIUI 8.2 doesn't pass SafetyNet yet, so you have to wait to MIUI 8.5.
Click to expand...
Click to collapse
i know how to relock my bootloader, i have done it before and relocked it as well as my xiaomi account is allowed to do so but for what i do i at least a rooted phone at the least. xposed it a heavy want but not mandatory like root is. i also need to be on the global weekly because the stable haven't added EXfat support yet.

Use magisk 13.3 =_=

jimger said:
I don't think it is easy to brick redmi 3s.... Have you tried getting it into edl?
For me even when I had it with black screen I could "do" stuff to it. You can relock it if you use miflash and put developer and/or stable from en.miui.com. It will replace both your system and your recovery but also delete your media to your internal "sd".
I use an xposed module that responds well to safetynet but actually it doesn't really pass. Android pay can't be activated (to me) and I am not sure about pokemon or whatever because I don't use it. But safety net passes. I use an app from play store safetynet helper which in latest version included a basic integrity check. Well my device responds ok to cts profile but fails to basic integrity. Not sure why exactly but even thought I have magisk+ supersu in systemless mode I have touched the /system partition perhaps with adaway or I don't know for sure. I don't know how undroid checks for tampered system partition. I have miui-globe rom which is not official
Click to expand...
Click to collapse
All the neccessary apps ( android pay & Pokemon ) use basic integrity

Related

[TUTORIAL][Tethering]+[Android Pay] How to have your Nougat, and eat it too!

Obviously I'm not responsible for your mom exploding or your phone disowning you, but.....
I got tethering and Android Pay working on stock Nougat - that's Android N, folks - on a Nexus.
(confirmed will work on Marshmallow and up on 5, 5x, 6, 6p...etc.)
Thanks to @Chainfire, @ManHands and @interloper, and you!
click thanks if this helps, or buy me a beer or something.
prerequisites:
working adb and fastboot (from platform-tools in the Android SDK if you don't know where to find it)
twrp .img for your device
latest stable systemless supersu
1. be on Marshmallow or Nougat obviously
2. flash twrp
(volume down + power on nexus gets you into bootloader, then after flashing recovery, use volume buttons to scroll and power button to select recovery mode)
3. flash systemless root while booted into twrp (unsure if .supersu SYSTEMLESS=true in /data is still needed, but can't hurt - mine is still there from earlier.)
4. while still in twrp, go to mount and check system. Make sure you allow changes.
5. from your computer, do this
Code:
adb shell
echo "net.tethering.noprovisioning=true" >> /system/build.prop
6. reboot into Android.
7. Install Terminal Emulator from the Play Store.
8. Launch it, and in Terminal Emulator, do this
Code:
su
settings put global tether_dun_required 0
exit
9. go into Supersu, expert, scroll to the bottom and hit full unroot. No, you don't want it to patch you back to the stock boot image or recovery*. If it hangs, just reboot and try doing it again.
10. ????
11. Profit! You should have tethering unlocked, be unrooted, and have full Android Pay goodness working.
To take an OTA, do this, because Flashfire gets confused after you've done build.prop edits -
1. go to About Phone, scroll down. Find your build number.
2. download that Nexus Factory Image.
3. Unzip it all. ALL OF IT.
4. Make sure you have Android SDK & platform-tools (or just a working Fastboot and ADB)
5. just flash boot, system, and recovery - you can now OTA with no problems. Then repeat the above guide on your new OTA. Confirmed working 10 minutes ago, OTA'ing from Marshmallow to Nougat and then getting tethering working again
ALTERNATE IF YOU PREFER FLASHFIRE:
All the above steps, but you only have to flash the System image to fix the build.prop hash fail then flashfire should work for you. Wouldn't necessarily recommend upgrading version numbers (6.0.1 to 7.0.0) with Flashfire, but who knows, it might work great! Chainfire is a wizard.
*you can do this if you want, but when I let it patch my boot image I got the dreaded "device corrupt!!!!1" message at boot. Did not try letting it flash stock recovery image.
You're mentioning to do a systemless root but enable read/write on the system partition. Isnt't that counter-intuitive?
codycook said:
You're mentioning to do a systemless root but enable read/write on the system partition. Isnt't that counter-intuitive?
Click to expand...
Click to collapse
Nope! rw system is only for the build.prop echo, other than that you don't touch /system
Have you been able to get this to work with the latest factory Nougat images from Google's website?
I successfully did your process above when I was on an older version of Nougat for Nexus 6 (beta release), but when I try now with NBD90Z Google Pay won't work after rooting after a full unroot.
Yes i'm seeing this also and other not root methods for tethering don't not seem to work either with NBD90Z .
cal028 said:
Yes i'm seeing this also and other not root methods for tethering don't not seem to work either with NBD90Z .
Click to expand...
Click to collapse
Hmm. Bummer. For a split second, I felt like I finally had a fully functioning Android
Almost regret upgrading to NBD90Z, but figured it would be less buggy. If anyone has figured out how to get AP and NBD90Z to work with a slightly modified build.prop file (to allow tethering), please update this thread!
cal028 said:
Yes i'm seeing this also and other not root methods for tethering don't not seem to work either with NBD90Z .
Click to expand...
Click to collapse
same for me too. Pulled build.prop and verified net.tethering.noprovisioning=true and settings put global tether_dun_required 0
still no luck on NBD90Z
w8291 said:
same for me too. Pulled build.prop and verified net.tethering.noprovisioning=true and settings put global tether_dun_required 0
still no luck on NBD90Z
Click to expand...
Click to collapse
Flashed back down to NRD90S and the method works again.
Where did you download that version?
The stock Nexus 6 images on the official Google site do not list that version as valid for the Nexus 6.
Are you using the Nexus 6P image?
May be a dumb question but I have a Moto X Pure running Ressurection Remix nougat ROM and I don't have WiFi tethering in my settings. Would this method work on it?
worked, thanks
n8onXDA said:
Have you been able to get this to work with the latest factory Nougat images from Google's website?
I successfully did your process above when I was on an older version of Nougat for Nexus 6 (beta release), but when I try now with NBD90Z Google Pay won't work after rooting after a full unroot.
Click to expand...
Click to collapse
With the current build, no methods work. SafetyNet check fails with the last 2 builds
Safety net now requires OEM lock, even fully stock with open bootloader never rooted fails
Sent from my Nexus 6 using Tapatalk
Ok great! Well at least I know I'm not missing some clever workaround. Isn't there a way to bypass SafetyNet and/or OEM lock? I thought someone was trying or working on something like this...
wrecklesswun said:
With the current build, no methods work. SafetyNet check fails with the last 2 builds
Click to expand...
Click to collapse
So I read that the March 2017 7.1.1 Update for Nexus 6 broke Android Pay even on non-rooted devices so Google released images with SafetyNet disabled. Would that version allow us to root AND use Android Pay since SafetyNet is disabled to make it work for regular users?
Had to do this but gaining root was going to be tricky (encrypted partition), and I didn't need root for any other reason. I unlocked the bootloaded, flashed twrp, and used adb to pull build.prop, added the line in (net.tethering.noprovisioning=true), pushed it back using adb (with twrp still running), and rebooted. Tethering is working fine now.
By the way -- this is so infuriating. When tethering does not work it asks your provider's permission even in airplane mode (which fails, it's airplane mode), so you can't use the phone to provide wifi to other devices. Such an amateurish disrespect for my rights as an owner of an unlocked device.
I flashed Vanilla rom 7.1.2, then flash stock recovery and locked bootloader and Android pay, Netflix and Snapchat etc all work. After I flashed Vanilla rom Android pay wasn't working stating I had a root, so I locked bootloader but was bootlooping into twrp. After flashing stock recovery it worked just fine
I discovered that you can you can have TWRP recovery and still use android pay so long as you have your bootloader locked. I am pretty sure you can still flash roms w/ locked bootloader in recovery but I am not positive

Verified boot + SafetyNet: Can't use Android Pay after bootloader unlock?

So, I'm aware the A7 has verified boot. That sucks.
And from what I've read that means if I unlock my bootloader I will trip SafetyNet and can not use Android Pay, Pokemon Go, Snapchat, etc. This fits what I've experienced myself: SafetyNet passes on stock with BL locked, but fails on stock with BL unlocked.
But, from what else I've read, verified boot can be disabled, or at least I thought.
I tried this: no-verity zip. No dice.
Also tried freeza's BeastMode kernel, for which he said he started working on a patch which would remove the verified boot flag and allow SafetyNet to work again.
That didn't work either.
I even checked the source code of his kernel, and it looks like it was patched.
I don't know what to do at this point. I need SafetyNet to pass, but I'd really like an extra level of customization...
Anyone else having this problem? Anyone have any ideas?
Wait. Freeza said he would work on it he has not released an update to his kernel since he said that so you haven't tried his attempt yet.
nujackk said:
Wait. Freeza said he would work on it he has not released an update to his kernel since he said that so you haven't tried his attempt yet.
Click to expand...
Click to collapse
Well gosh I hope you're right, but his changelog definitely says he put it in his vR12
-that safetynet patch for unlocked bootloader.
Click to expand...
Click to collapse
Well my bad, I didn't check Change log but swore he had 12 out before he agreed to that. Anyway did you post on his thread it wasn't working for you?
Could be they already patched safetynet doesn't usually take them too long to defeat anything done here.
MelloZ said:
I tried this: no-verity zip. No dice.
Also tried freeza's BeastMode kernel,
That didn't work either.
Click to expand...
Click to collapse
You are mixing two battles here:
One against the System verification. This check is in the stock bootloader and it doesn't boot when the system partition is modified in any way. The No-Verify patch you mention allows you to modify the system partition.
The other Battle is against SafetyNet protection against the new feature detecting unlocked bootloaders. That requires another patch. Magisk provides a generic patch for that but I have not been able to use Magisk+phh Superuser for Magisk to root the system. Not yet.
Hopefully @jcadduono has created a flashable patch using TWRP for the stock boot that applies the no-verify, bootloader unlock cloacking and it also provides support for Kcal functionality of our Axon 7 Hardware. KCAL support allows full control of the color calibration for Qualcomm MDSS 8x10/8x26/8974/8084/8939 family. You can access that functionality and customize the screen color calibration with the add-on App (requires root). Now you can unleash the full power of the AMOLED screen.
After applying that patch you will see that your system is again SafetyNet compliant. This will remain even when you modify the system partition.
I hope this could solve your problem with the KCAL support bonus.
Oki said:
You are mixing two battles here.
Click to expand...
Click to collapse
Thanks for clarifying that. I suppose the word root "verify" being in both of them confused my noobish brain.
Oki said:
Hopefully @jcadduono has created a patch flashable using TWRP for the stock boot that applies the no-verify, bootloader unlock cloacking and it also provides support for Kcal functionality of our Axon 7 Hardware
Click to expand...
Click to collapse
I'll be sure to try that out. I had seen his whole NetHunter kernel before, but I felt like I didn't need that whole Kali suite; I just want to use Android Pay.
Didn't know he had a patch for only the Safetynet thing.
MelloZ said:
Thanks for clarifying that. I suppose the word root "verify" being in both of them confused my noobish brain.
I'll be sure to try that out. I had seen his whole NetHunter kernel before, but I felt like I didn't need that whole Kali suite; I just want to use Android Pay.
Didn't know he had a patch for only the Safetynet thing.
Click to expand...
Click to collapse
The NetHunter kernel works standalone from the rest of NetHunter. You don't need all the NetHunter stuff.
It's why my thread starts with [Kernel+] - the kernel zip is totally separate!
The kernel is lightweight and the additional drivers only exist in memory and don't use any CPU unless they are triggered by a USB OTG device that uses them.
That being said, I haven't tested safetynet with it, but I heard some people were using it with HideSU. (that may be the key?)
Also, I suggest using the minimal one I posted somewhere in the thread, I think I broke USB completely with that last NetHunter kernel upload so I'll have to look into fixing that soon.
At the moment I'm working on a Nougat kernel. I have a near full functional CAF Nougat kernel based on latest tag of LA.UM.5.5.r1. It's only missing microphone input on stock but I know it works because for whatever reason the microphone is working in LineageOS 14.1 (although the speaker isn't, but LineageOS is later in interests)
Also testing out Linux 4.4!
jcadduono said:
That being said, I haven't tested safetynet with it, but I heard some people were using it with HideSU. (that may be the key?)
At the moment I'm working on a Nougat kernel. I have a near full functional CAF Nougat kernel based on latest tag of LA.UM.5.5.r1. It's only missing microphone input on stock but I know it works because for whatever reason the microphone is working in LineageOS 14.1 (although the speaker isn't, but LineageOS is later in interests)
Also testing out Linux 4.4!
Click to expand...
Click to collapse
Sure it works. The trick is to have TWRP 3.0.3 and flash SuperSU 2.79+SUhide 0.55+Your kernel patch+Xposed 82.6+Root Switch 1.3.3.2 application. When using PoGo, Android Pay or any other SafetyNet app just open Root Switch and disable temporary the root. Xposed will continue working!!!! For some reason the other alternative, Magisk, doesn't work.
By the way, ensure your kernels also support F2FS filesystem for system and cache partitions!!!!
Oki said:
By the way, ensure your kernels also support F2FS filesystem for system and cache partitions!!!!
Click to expand...
Click to collapse
no, that's stupid. ext4 is faster for indexing and reading, f2fs only has advantages in write performance.
cache isn't even used by the OS and making that f2fs will just break things.
i use ext4 on my data partition since i don't do a whole lot of write operations, and it makes the loading screen in TWRP go from 40 seconds to 3 seconds.
ext4 is also far more reliable on random power less or kernel crashes.
f2fs is a mess.
that being said, you can enable it by opening the zip file for the kernel installer and editing patch.d/*-f2fs-fstab
all you have to do is remove the # in front of the partitions you want f2fs added for near the bottom, just below the comment telling you what to do
Oki said:
Sure it works. The trick is to have TWRP 3.0.3 and flash SuperSU 2.79+SUhide 0.55+Your kernel patch+Xposed 82.6+Root Switch 1.3.3.2 application. When using PoGo, Android Pay or any other SafetyNet app just open Root Switch and disable temporary the root. Xposed will continue working!!!! Magisk doesn't work for some reason.
Click to expand...
Click to collapse
You have SuperSU2.79 working? With TWRP 3.0.3-0 (the official one) and stock B29 it fails every time. :/
MelloZ said:
You have SuperSU2.79 working? With TWRP 3.0.3-0 (the official one) and stock B29 it fails every time. :/
Click to expand...
Click to collapse
It is extrange, It failed with TWRP 3.0.2, that was the reason of flashing an older SuperSU ZIP. The latest TWRP version flashes2.79 properly on the B29 stock ROM.
Does anybody know how to get pay working on CM13?
ant456 said:
Does anybody know how to get pay working on CM13?
Click to expand...
Click to collapse
I haven't used CM on the A7 myself, but I've read a lot about it.
CM is pre-rooted, right? I believe you need to delete /system/bin/su and /system/xbin/su and then you can try systemless root+hidesu+root switch if you need root.
You can delete them from TWRP>Advanced>File Manager.
SuperSu full unroot may work too, but it might not get xbin/su
MelloZ said:
I haven't used CM on the A7 myself, but I've read a lot about it.
CM is pre-rooted, right? I believe you need to delete /system/bin/su and /system/xbin/su and then you can try systemless root+hidesu+root switch if you need root.
You can delete them from TWRP>Advanced>File Manager.
SuperSu full unroot may work too, but it might not get xbin/su
Click to expand...
Click to collapse
I think the problem is the unlocked bootloader but when I flash the Kali zip it breaks wifi on cm13
ant456 said:
I think the problem is the unlocked bootloader but when I flash the Kali zip it breaks wifi on cm13
Click to expand...
Click to collapse
From the Kali thread OP:
jcadduono said:
I present to you: Kali NetHunter 3.15.3 for the ZTE Axon 7.
(yes, a custom kernel for the ZTE Axon 7 on MiFavor!)
Click to expand...
Click to collapse
"on MiFavor"
You're not really supposed to use that kernel on CM...

[mini-GUIDE] about OTA and bricks - STOP FLASHING TWRP!!!!!! Boot it instead

I am not responsible for your bricked phone or pigeon poo on your toupe. Do at your own risk.
Stop flashing TWRP !!!!!!! Uninstall magisk before OTA !!!!!!!
If you try to OTA when you have modified your recovery you will likely brick.
If you have magisk OTA will fail.
Fix: Boot to fastboot and see my mini-guide:
https://forum.xda-developers.com/mo...ed-special-case-attempt-t3812530#post77011361
(hiding magisk makes no difference - it will fail - you must temp boot to TWRP and flash uninstall it.)
- thanks @echo92
- - -
I used to flash TWRP as a matter of course. I don't any more after i bricked my phone. Fortunately I could boot to fastboot and created that mini-guide. Fortunately that fixed it. I know there are some that cannot boot to fastboot and I have no solution.
- - - - -
Now, whenever I need TWRP, I boot to it instead (thanks!!! @jceballos )
Code:
fastboot boot twrpimagename.img
That will boot your phone to TWRP and then you can do what you want.
On a 7 bootloader system
1 i will flash magisk 16.0, boot to ROM, tap magisk and let it update magisk mgr - and then I have root for whatever root stuff I need.
When I am done with that and want to eg play PoGo, I again temp boot to TWRP, and flash the latest magisk uninstaller. PoGo then plays fine.
On a 8 bootloader system I will use @rafikowy 's method
https://forum.xda-developers.com/moto-z-play/how-to/guide-how-to-magisk-root-xposed-oreo-8-t3743273
BUT I do the temp boot to TWRP first INSTEAD OF THE FLASH TO TWRP - then the rest of the stuff in that post. - read all of that post - there's a bootloop fix which I often need.
- - - - -
ALSO, my opinion is that you should NEVER lock/relock the bootloader of your phone. There is nothing to be gained and you will likely never be able to unlock it - no more mods - ever.
Would the direct boot work with a locked bootloader?
mantin36 said:
Would the direct boot work with a locked bootloader?
Click to expand...
Click to collapse
by the phrase "direct boot" I am guessing you mean "fastboot boot recovery.img"
Let's think this through...
Okay, suppose that works and you are now looking at TWRP (or whatever) on your bootloader locked phone.
Then what would you do?
I suppose you would try to flash a custom ROM and gapps etc and boot to it.
Even if that worked perfectly, and I have no idea if it would, How would you bail yourself out of a problem.
The new guides would be useless to you because your bootloader is locked.
You couldn't change from 7 to 8 or back. You would be totally stuck, imho.
So I would never suggest you try something like that, but I would advise only do it if you are totally willing to throw your phone away.
I'd just use it to root my phone to install v4a and then uninstall root, because I don't really need for anything else at the moment
mantin36 said:
I'd just use it to root my phone to install v4a and then uninstall root, because I don't really need for anything else at the moment
Click to expand...
Click to collapse
Again, my advice - DON'T.
Unlock your bl.
I unlocked the boadloader then I locked
Can I unlock it again ?
Will be any problems?
a) locking it gains nothing.
b) don't know - you'd have to try it.
c) don't know.

Barnes & Noble Nook Tablet 10.1" BNTV650, working!

Just picked one of these up last week, and it has no restrictions on unlocking the bootloader. Boots AOSP 8.1 Phh-Treble almost perfectly. The boot animation was missing, but the wifi, bluetooth, and camera all seem to work just fine.
It doesn't seem to boot AOSP 9, though. Something about keymaster version mismatches, it seems like.
izzy84075 said:
Just picked one of these up last week, and it has no restrictions on unlocking the bootloader. Boots AOSP 8.1 Phh-Treble almost perfectly. The boot animation was missing, but the wifi, bluetooth, and camera all seem to work just fine.
It doesn't seem to boot AOSP 9, though. Something about keymaster version mismatches, it seems like.
Click to expand...
Click to collapse
Make sure that Your kernel is using same security patch date as GSI. I think Phh GSI is supposed to adjust itself to any security patch but if it's not happening then open system.img (Phh Pie) and check security patch. Then use Android Image Kitchen (AIK) to unpack stock boot image and go to.. I literally forgot the name of that folder lol.. there should be 2 folders, ramdisk and something else. So open that "something else" folder then edit oslevel and change security patch to the one that's in Phh Pie.
Now flash image-new.img and system.img and Phh Pie should boot now :fingers-crossed:.
whats the default os version on these puppies ?
Could someone post steps to unlock/root? I've not used a custom ROM since KitKat. The default B&N software is trash.
senselocke said:
Could someone post steps to unlock/root? I've not used a custom ROM since KitKat. The default B&N software is trash.
Click to expand...
Click to collapse
I unlocked the boot loader of the Nook Tablet 10.1”, I installed Project Treble 8.1.0 and Project Treble 9.0, they both had WiFi connection problems.
I installed the most recent version of PHH's Pi GSI and it works flawlessly, even boots up quire quickly after the initial flash. To my knowledge everything works, boot animation, bluetooth, wifi, all of it. Very simple process, just unlock bootloader, get the GSI, flash, and go. Painless, simple, and flawless thus far.
I'm a huge noob to flashing and the thought of bricking scares me, but I'm trying to setup a guide I just don't have the gal to actually test it. I want to backup everything, rom and recovery included and be able to put everything back to stock I just don't know if TWRP works with it. If this is wrong, someone please correct me and I'll edit this post.
1. open developer options via tapping build in about tablet until it opens. Enable usb debugging and oem unlock.
2. install 15 second adb onto your pc, plug your tablet in via usb and with it off, hold volume up and power to go into recovery. select "reboot into bootloader". you'll see "fastboot enabled" on the bottom left of the screen. In a command prompt run "fastboot devices" to make sure its there (you should see a string of numbers popup) then run "fastboot oem unlock". on the tablet you'll see a "do you want to unlock your bootloader?" press volume up for yes. then "fastboot reboot" to go back to your tablet.
3. google for "frama root" and put it on the root of your sdcard. Use the boromir or whichever until root is successful. (you'll probably have to reboot)
4. (the part I'm not sure will work) install twrp manager from the play store and backup everything to your sdcard. partitions, etc.
5. get a gsi image, put it on your SD card, boot into twrp and flash.
To go back to stock
restore your twrp backup, run frama root to unroot your tablet, use adb and fastboot to run "fastboot oem lock" to lock the bootloader and uncheck the stuff in dev options .
I picked up one of these things a few months ago. I'm thinking about unlocking the bootloader, rooting it, etc. I did some work on previous Android versions (think KitKat), but 8.x is pretty new to me.
Regarding TWRP -- someone needs to actually port it for this device. At least that is how it worked prior to 8.x. I haven't seen one for the BNTV650 so far. Looks like the "Flash GSI without TWRP" steps apply.
alyxnsac said:
I installed the most recent version of PHH's Pi GSI
Click to expand...
Click to collapse
Which one? AOSP 9 I presume, but can you confirm? I'm getting one of these babies and the first thing I will do is to try to install a good, alternate ROM on it (I never use the manufacturer's ROM if I can avoid it).

How to install OTA updates with unlocked bootloader?

I have PPW29.116-20 update installed on my G6 Plus. On that same update, I followed the instructions from the other thread to unlock bootloader and install Magisk for root. Now, I am trying to figure out how to install latest OTA security update that started showing up few days ago. I couldn't find any clear instructions around here, as most of them are either from Oreo times, or not very clear. Hopefully, someone has run into this issue on Pie already and knows how to deal with it. Any help would be greatly appreciated.
mrh45Zed said:
I have PPW29.116-20 update installed on my G6 Plus. On that same update, I followed the instructions from the other thread to unlock bootloader and install Magisk for root. Now, I am trying to figure out how to install latest OTA security update that started showing up few days ago. I couldn't find any clear instructions around here, as most of them are either from Oreo times, or not very clear. Hopefully, someone has run into this issue on Pie already and knows how to deal with it. Any help would be greatly appreciated.
Click to expand...
Click to collapse
As far as I know, You can't. You have to be on stock ROM, re-lock the bootloader, take the OTA. There are some risks in re-locking, you can't have any modifications active or you might brick. But if you know what you're doing, it's safe.
weazie said:
As far as I know, You can't. You have to be on stock ROM, re-lock the bootloader, take the OTA. There are some risks in re-locking, you can't have any modifications active or you might brick. But if you know what you're doing, it's safe.
Click to expand...
Click to collapse
Does locking need to be in the original stock or the latest version also works?
dangelfire said:
Does locking need to be in the original stock or the latest version also works?
Click to expand...
Click to collapse
Latest also works. That way you get the newest one and the OTA update is not needed until the next possible update.
You have to uninstall root, if you had a custom.bootlogo you have to replace it with original bootlogo and you can take the OTA.
Or you can just download full fastboot firmware and flash it
https://mirrors.lolinet.com/firmware/moto/evert/official/
Select your channel (don't know what's your channel? Go to settings> about phone and software channel)
If your channel don't have the lastest build version download from retail folder
Sent from my Motorola Moto G6 Plus using XDA Labs
I tried to relock my bootloader, and while it was successfully relocked, I am still unable to get updates.
I unlocked it back on Oreo, but never made any other software changes.
The device boots up with the 'different OS has been installed' message and the updater tells me the system integrity is compromised. The device is also decertified from Google play.
Has anyone got any tips?
awdAvenger said:
I tried to relock my bootloader, and while it was successfully relocked, I am still unable to get updates.
I unlocked it back on Oreo, but never made any other software changes.
The device boots up with the 'different OS has been installed' message and the updater tells me the system integrity is compromised. The device is also decertified from Google play.
Has anyone got any tips?
Click to expand...
Click to collapse
Maybe get the latest version for your channel and flash it using fastboot (as in, full wipe OS reinstall). But wait to see if anyone here has a better idea.
awdAvenger said:
I tried to relock my bootloader, and while it was successfully relocked, I am still unable to get updates.
I unlocked it back on Oreo, but never made any other software changes.
The device boots up with the 'different OS has been installed' message and the updater tells me the system integrity is compromised. The device is also decertified from Google play.
Has anyone got any tips?
Click to expand...
Click to collapse
for now there`s no a perfect way to re lock bootloader, if you want to hide the "different OS has been installed" warn only flash this zip before you re lock your bootloader, dont forget that in stock will still show that system is compromised if you try to search for updates. (so my recommendation is dont relock bootloader! flash full stock rom with fastboot commands if you dont want to loose your apps just erase "fastboot erase userdata" from fastboot commands)
https://drive.google.com/open?id=1VE0kaUxmUbbhhNo075MCaW6VxaOTiDL6
For get certified playstore you need to verify that you can install Netflix if you can only wipe app data and playstore will show as certified device.
if you cant install netflix you need to change device fingerprint with a magisk module Safety Net Patch or with Magisk hide props.
ETA: never mind, figured it out.

Categories

Resources